Episode 415 — Public Key Encryption, Backing Up Drivers, Hackers are People Too Documentary, and Organize Your Music Collection

Details

In this power packed episode Chris explores ways to securely communicate using public key authentication. Matt gives us a healthy helping of Drive Backup utilities. Darren interviews Ashley Schwartau about the documentary Hackers Are People Too. Shannon brings you a few tools for organizing that mismatched MP3 collection of yours.
[ MP4 | XviD | WMV ]

Show Notes

Shannon takes the spotlight and opens the show. Darren threatens to vote her off the hakhouse. We postponed the open sourcing of the missile launcher due to finals. Thanks Jason. Our friend Mubix has a great article on Multi-Boot Security Live CDs that makes last weeks pick, UNetbootin even more amazing.

Our next LAN Party will be Half-Life 2 Deathmatch on Saturday, December 13 at game.hak5.org. Prepare to get smack in the face with a flying toilet! Check out all the details at our brand spankin’ new Hak5 LAN Site (with leetness by Squarespace)

Public Key Encryption

In this segment we show you how to setup public key authentication between a windows and a linux host. There are many different software packages through which to accomplish this but we used openssh and putty.

Installing openssh on linux is relatively straightforward. Refer to their site for details. Once that’s setup, we generated a key using the command “ssh-keygen” and specified the filenames. You can customize the keys you generate as you wish, but we went with the defaults. After entering a passphrase twice, you’ll have a public and private key file, with the public having the extension .pub. The private key file stays on the server but we copy the public key over to our windows machine and convert it into putty format using Putty Generator. After you have the key, you can either pass it with scp using scp -i (pscp in our example since we’re using putty’s scp executable), or you can use the putty ssh client in order to pass the key instead of just a password to authenticate to the server. This makes an easy two-factor authentication mechanism.

After installing a fresh copy of your Windows OS of choice, the biggest headache for most of us is the arduous task of trying to locate drivers for all of our different components. So this post is all about making your reinstall a little less troublesome.

Here’s a list of some of the better driver backup utilities!

DriverBackup2 is a lightweight driver-backup tool. The application is portable with a caveat: you’ll need administrative privileges for full use. You can opt to backup one or all of your drivers, the backed up files are dumped into a tree structure based on driver name. DriverBackup2 also allows you to restore and delete unnecessary drivers. If you ever hunted for obscure drivers online, when installing legacy or obscure hardware for instance, DriverBackup2 will save you the hassle of searching them out again.

Double Driver lists all the hardware drivers installed on your system and creates backups of both the actual drivers and lists of the driver names. While handy with any computer, Double Driver really shines if you have a computer that came with pre-installed drivers that are hard if not impossible to come by. With a few clicks you’ll have those archaic laptop drivers backed up and ready to put back to work after a fresh install.

DriverMax allows you to easily reinstall all your Windows drivers. No more searching for rare drivers on discs or on the web or inserting one installation CD after the other. Simply export all your drivers (or just the ones that work ok) to a folder or a compressed file. After reinstalling Windows all drivers can be back in place in less than 5 minutes.

DriverView is a helpful upgrade from looking through devices individually in the Device Manager, but the real value here is in the list generation. Create an HTML-formatted backup list for your future troubleshooting needs or export to text to show friends or forum members just what’s gone wrong. While it doesn’t actually backup drivers, if you’re still into doing things the old fashion way, DriverView is a great choice!

Now that we’ve got all of the corporate slogans and descriptions out of the way, my personal favorite is the first link we’ve talked about here. The interface is the least cluttered, and the process really couldn’t be any easier. For those of you who are looking to deploy driver backups in an automated fashion, there’s a built in commandline builder! Like I said, I’ve personally used it and really does make life alot easier after a reinstall.

I have thousands of songs on my computer and some of them are missing titles, artists, etc. So when I hop on iTunes to download my feed of podcasts (like Hak5!), I use TuneUp Media to clean up some of my music.

TuneUp Media has the ability to find your songs basically by listening to them, and tell you the information for each one. You simply drag your song over to the clean up bar on the right, and TuneUp finds your songs info in a few seconds. It even gives you a choice of album art you can use.

I like TuneUp simply because I’m really organizational. There are a few bugs though… Firstly, once you download TuneUp, you don’t have the option to close it while in iTunes (unless this has changed recently). Second, there are two versions – free and not free. With the free version, you only have 500 songs to clean up. In the payed version- you can clean up as much as you want.

The second one is TagScanner. Tagscanner is good for someone who doesn’t like iTunes. In tagscanner, you can not only clean up the names and artists on your music, but you can also fix up the ID3 tags for each song, down to lyrics and album art. You can also export your music into a .txt or excel spreadsheet, which is pretty neat.

13 Comments

Another Great ep, Well done to all.
Snubs looked very relaxed and you all looked to be having fun as always.
Great skype interview really came over well, and that documentry sounds great i just orded a copy this morning. Cant wait to watch it
Keep up the great work and cant wait to see the ces coverage
tvguy

The driver back-up was great. I hate having to download and install driver when computers become corrupt. This is a great time saver. The music tagging software was great too. I had heard of Tuneupmedia but never tried it. I think I will after I saw how easy it was.

I loved your show guys and I’m gonna look into setting up my own missle launcher soon,,,,,,,,I have a program you might like atleast I think you can still get it free it’s called maxblast4 it’s for maxtor drives an other I use is killdisk it has the dod option for realy wipping a drive thats asumming you have a floppy drive,I’ve found quite a few older pc’s that wont boot g-parted so I still use both killdisk&maxblast4

Loved the work you guys are doing! Thank you for doing such a great job!

I use MediaMonkey for my mp3 collection. I organized my messed up collection with it a year or so ago. It helped with getting the covers and either putting them into the id3 tag or placing the file into the folder with the music (so you aren’t changing the files). It also nicely organized my files into their own folders so everything wasn’t stuffed into one massive file. I also used mp3tag to help make sure the filenames matched the id3 tags or vice versa. Mp3tag is free and there is a freeversion of mediamonkey. If you don’t want to use itunes, mediamonkey (or the new Songbird) rock.

RE: Public Key Encryption
PuTTy using OpenSSH is great, what about covering other Windows clients like WinSCP?
Shannon or Darren should go over how to use public key encryption for tasks like, say, connecting to a self-hosted WordPress blog to add plugins like reCAPTCHA =)
Thanks!

Chris,
Like you said there are so many options there its hard to cover them all! Thinking back to using SSH in Windows Putty and WinSCP were some of the best, also many file transfer clients like FileZilla are crossplatform and support SFTP which is SSH compatible.
Using PamUSB for login looks like alot of fun, does it support SSH certificates? Looking forward to it =)

When I watched episode 415, I noticed something in your explanation that, if I’m correct, is wrong. It’s something in your story about SSH and public key encryption.

Quote 1:”…and you use the public key to encrypt your, you know, to encrypt and along with your passphrase…” (AVI file: 0h:11m:19s)

Quote 2:”…everyone can encrypt a message or, within variuos implementations, encrypt it with the passphrase..” (AVI file: 0h:12m:13s)

This suggests that if someone wants to send you an encrypted message/file, he or she needs your public key ALONG with the passphrase you entered during the creation of your key pair. This isn’t right in my opinion.
The only reason for the passphrase to exist is to protect your private key from abuse in case someone steels it.

Some follow-up on episode 415. The reason why you couldn’t directly import a PuTTY generated key file into the server OpenSSH environment is because a .ppk file contains BOTH the public and private key. (The “.ppk” extension probably stands for something like: public private key). When you copy the public key part into an “authorized_keys” file on the linux server you should be able to authenticate with the PuTTY generated key. BTW: This is also suggested in the “Key” field of “PuTTY Key Generator”

The way you made your solution working is unsafe because you now have multiple copies of your server’s private key. And here is why:
What you did was copying the private key (In your case “id_rsa”) form the linux server to your XP machine and imported it into PuTTY. (You normally don’t want to do that! Remember your Fort Knox remark about the private key.) So you actually “stole” the private key from your linux server, re-generated the public key with PuTTY and stored the key pair in a .ppk file. The only reason why this worked is that you knew the passphrase of the server’s private key. (Normally Hackers work this way).

When Darren asked you to open the .ppk file in Notepad++ you could clearly see the linux server’s public AND private key… (This is not probably what you want). When finally connecting to the ssh server you used your local copy of the server’s private key.

The normal way to setup these kind of connections is demonstrated in the hyperlink mentioned above. So, the PuTTY generated public key should be copied to the linux server and added to a “authorized_keys” file, not by copying the servers private key to the XP system.

Windows seven themes are some on the most striking themes. It’s got turn into a very hot option for all those people who are utilizing the operating program in addition as those, who’re nevertheless joyful with their XP and [url=http://themes4vista.com/areofire-v3-windows-vista-theme-free-download ]make your screen come alive [/url] Operating Systems. But contrarily, Windows 7 themes will not be compatible with XP or Vista.

Ways to get it labored on other variations of functioning process? Scroll right down to get the tweaks which might allow you to give a Windows 7 look for your Windows Vista and Windows XP enabled computer systems.

Install 7-Zip Windows seven themes working with “.themepack” extension.
To extract information through the zipped Windows seven concept folder, put in free of charge 7-zip utility. This will likely extract your files right into a new folder.
The many Vista customers that are operating Aero, a double click on on the freshly created theme folder would let you alter your windows borders in one on the downloaded theme outlook.
Individuals consumers, who will be seeking to put into action Windows seven concept on XP enabled device, can it completed by especially clicking ‘set as desktop qualifications.’
You can find another mild tool, which can help in putting together windows themes on XP. That is called “wallpaper shifter app.” This application picks random wallpapers from selected directory and sets it for the reason that lively Windows wallpaper.
If you want to add theme sound and Icons, it is very very easy to do, as you only have to replicate the sound files (they’re commonly in.wav format) towards the default media folder.
To include any windows 7 concept icons on your Windows Vista device, it’s important to suitable click at anyplace about the desktop and then opt for ‘personalize.’ It should be adopted by clicking on ‘change desktop icons.’ Now selected the icon, which you ought to.
To change desktop icon in XP enabled machine, like Windows Vista, you will need to appropriate simply click everywhere on Desktop. Now pick out ‘properties’. This could be adopted by range of ‘Change Icon’ tab after which browsing of recent icons.
To vary your Visa or XP screensavers or cursors’ seem into Windows seven, you could duplicate the screensaver information through the downloaded Windows seven concept pack and duplicate into windows technique folder. You’ll be able to alter them by getting a tour to regulate panel.

Take pleasure in Windows 7 characteristics on your Windows Vista and Windows XP system… Your entire process is bit time-taking but glance is well worth the compensated time.

?f ?omething were to go wrong you would be alert?d by
phone, email or even text messag? so you could rapidly
take action. In general shared hosting will be
inappropriat? for users who require extensive software development outside what
the hosting provider supports. This coul? ?ose both ? physical and moral problem for the owners of
th? children’s w?bsite. In order to understand this, you must
first learn about de?icate? and shared hosting.
?inally t?e decision resides ?ith you and your needs for making the
choice. If y?u wish to save some cash, shared hosting
will be the best option for you. ?he downside is that other ?eople have access to your server.
You ent?r an ?P or DNS name and st?rt and stop a
port range, and this tool will be a port scan shows all open ports.
This is particul?rly ?mpo?tant for websites with many v?sitors as slow t? load sites ar?
?ery ?npop?lar and discourage visitors from returning.
?ou can only work within the const?ains of a shared environment.

I loved as much as you will receive carried out
right here. The sketch is tasteful, your authored material stylish.
nonetheless, you command get got an nervousness over that you wish be delivering the following.

unwell unquestionably come further formerly again as exactly the same nearly very often inside case you shield
this hike.

A shawl makes a nice item for a woman to wear out for
an evening or to a formal event. As you move from the ceremony to the reception n and the party, you will
discover the need for a lighter dress that
is not restricting. The silk crepe de chine material moves beautifully while the button-lined back and small train create a fabulous finish.

You’re so cool! I don’t suppose I’ve read anything like this before.
So wonderful to discover somebody with some genuine thoughts on this subject matter.
Seriously.. thank you for starting this up. This site is
something that is required on the internet, someone with a
bit of originality!

I don’t even understand how I finished up right here, but I thought
this post was once good. I do not know who you’re however certainly you are going
to a famous blogger should you are not already. Cheers!

This is pretty good in case you are employed to eating large portions as you
will observe that you eat less. Except I already stood a slice so I’m wanting to concentrate on the whole picture.
Many folks have short of the attitude and suppose that all they should do is exercises for three months and they’re going
to have the great body through out their life.

Do you mind if I quote a couple of your posts as long as
I provide credit and sources back to your webpage? My blog site
is in the exact same niche as yours and my visitors would certainly benefit from some of the information you present
here. Please let me know if this alright with you. Thanks
a lot!

Hi there! I know this is somewhat off topic but I was wondering if
you knew where I could find a captcha plugin for my comment form?
I’m using the same blog platform as yours and I’m having problems
finding one? Thanks a lot!

Veterinarians cann ?e relied on to take care of common pets but how doe? one choose a veterinarian f?r ?is exotic pet.
Once ?ou decide w?at it is that you want t? do, it’s
timne to figure ?ut wht y?u’re d?ing w?th yoyr t?me, t?en to apply some basic tiime management techniques.
schulze’? “Can Time Management be Unnecessarily Complicated by the Rigorous Scheduling of a Project Manager.

‘ Marketing your business on the Internet gives you a wide access
of your potential clients. This is done by using the Hughesnet Download Manager.
Sweet talking ‘call center agents’ at the other end of
the telephone line would offer a free trial of a supposed new product or an IT
system that is apparently being packaged as ‘something new’ in the market.